<?php

ob_start();
session_start();
require_once 'includes/az_mysqli.php';
require_once 'classes/az_User.php';

//Function check login
checklogin();

/*
 *  Function check login user name
 */

function checklogin() {
    global $az_db;
    $username = trim($_POST['username']);
    $password = trim($_POST['password']);
    if (!is_null($username) && !is_null($password)) {
        $_pass = md5(utf8_decode($password));
        $sql = "SELECT username,password FROM az_users WHERE username=? and password=?";
        $stmt = $az_db->getConnect()->prepare($sql);
        $stmt->bind_param('ss', $username, $_pass);
        $stmt->bind_result($name, $password);
        if ($stmt->execute()) {
            $stmt->store_result();
            if ($stmt->num_rows) {
                while ($stmt->fetch()) {
                    if ($username == $name && $_pass == $password) {
                        if (isset($_SESSION['username']) && isset($_SESSION['password'])) {
                            header('Location: script/index/index.php');
                        } else {
                            $_SESSION['username'] = $name;
                            $_SESSION['password'] = $password;
                            $_SESSION['start'] = time();
                            $_SESSION['expire'] = $_SESSION['start'] + (30 * 60) ; 
                            header('Location: script/index/index.php');
                        }
                    }
                }
            }else{
                header('Location: index.php?err=1');
            }
        }
    } else {
        header('Location: index.php?err=1');
    }
}

?>
